Electronic information is becoming the lifeblood of enterprises and individuals. Information is stored for virtually all aspects of one's life and all transactions that an enterprise engages in. This information is often indexed and stored in directories and/or databases in network repositories.
Information that is considered confidential to an individual or an enterprise is often stored behind a firewall and accessed via an authentication mechanism; the authentication mechanism is usually an identifier and a password combination (login access credential).
In most cases, if a login access credential is compromised, then all data associated with that particular user becomes compromised. That is, if a rogue individual can gain access to a user password or even change a user password to one that the rogue individual knows, then that rogue individual can gain access to all the user data housed in the environment that rogue individual compromised.
One solution used in the industry is to encrypt data with a key, requiring a user to also supply the key to gain access to the data. The problem with this approach is that if the key is compromised then all the data of the user becomes compromised. So, this is only slightly better than having a user's login credential compromised.
Thus, what are needed are improved techniques for securing access to data.